Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Cisco 3030 using v.3.6.3. VPN Client v.3.6.3.a., on Win2KTried to use AES-128. Set up IKE proposal with (Authentication = Preshared Keys, Authentication Algorithm = MD5/HMAC-128, Encryption Algorithm = AES-128, Diffie-Hellman Group: Group 2 (1024-bit...
I've assigned a user one static IP address from a pool, 172.30.95.133. I also have this pool on the same group (172.30.95.129-172.30.95.254). Somehow, Cisco 3030 (v.3.6.3) assigns 172.30.95.129 to this user (VPN Client v.3.6). What event class I can ...
If you use plain IPSec, or IPSec over udp, you will use udp 500.If you use IPSec over TCP, you can use any tcp port (subject to your firewall filters). All required packets, including ike will be encapsulated in tcp. You may see some udp packets to 5...
You are correct that the pool and static addresses need/should be different. I was assuming that the environment would behave similar to DHCP. In DHCP, if you have a static IP on your client, you will use that IP address. If DHCP server reserves an I...
Assuming software encrypts/decrypts much slower than hardware, then just blast a large file (1GB or so) or Iperf through the concentrator, and measure the difference between DES, 3DES, and AES, may show which was processed by SEP.
Yes, I have that option checked. There are several dozens of users in this group, with static IP addresses. Most of them received the correct static IP address. Only a few somehow were assigned static IP address but received the IP from the pool. Don...
Looking at the subject, assuming there will be 3000 user sites, consuming 3000 IPSec tunnels. If you were to connect the hq site directly to all user sites, the 7513/7200 couldn't really expected to terminate them all. Using star and spoke, each zone...
